Tufin Technologies Discusses Security Lifecycle Management

Security lifecycle management solutions face two key challenges: they have to ensure network infrastructure security and at the same time, have to be highly compliant with regulatory and corporate policies. An ideal security solution reduces the complexity of network management ensuring proactive compliance to regulations.

 

Frost & Sullivan (News - Alert) recently recognized Tufin Technologies’ SecureChange Workflow as a “pioneering security change management solution to provide a proactive change management solution to the enterprise.”

 

Tufin Technologies, a provider of firewall operations management solutions with headquarters in Israel, has been offering its services to more than 150 customers, including financial institutions, telecom and pharmaceutical companies, and telecom service providers across the world.

 

Recently TMCnet caught up with Ruvi Kitov, CEO and co-founder of Tufin Technologies, to talk about the driving forces in security lifecycle management segment and the company’s stake in the market.

 

Companies that are managing 10’s to 100’s of firewalls, security and networking devices, with one or more data centers and with many configuration change requests per day are feeling the pain and understand the need for robust, cross vendor, enterprise ready Security Lifecycle Management solutions.

 

The latest trends in security lifecycle management we’re seeing are, Integration of security operations management solution on top of the security and networking vendors’ tools to achieve consistent policy management, real-time change tracking with full accountability, policy cleanup and optimization; security auditing and governance integration to ensure compliance with corporate, government and industry standards like PCI-DSS, SOX, GLBA and HIPPA and companies are coming to understand that the current state of the art enterprise help-desk and ticketing solutions are completely unaware of security and business continuity aspects.

 

The trend we’re seeing in the last months is for help-desk solutions that are security and business continuity aware. The ultimate challenges are understanding the impact of a requested change before it is being implemented; separation of duties and ability to verify that the implemented change answers precisely the initial requested change.

 

 

In an attempt to apply and enforce security objectives on the ground, highly skilled managers rely on an array of administration tools from different vendors to implement configuration changes and to gather and analyze security data.

 

Today, this process involves many repetitive, error-prone manual tasks and success depends entirely on the continuous vigilance of the security operations team.  As a result, these factors create an urgent need for business automation and management solutions that can help security teams to effectively align day-to-day operations with organizational business objectives. In practical terms, security teams need:

 

        Change management to ensure that every change to infrastructural security policy is in accordance with corporate standards and can be fully explained and tracked.

       Process automation toensure compliance and accountability and to eliminate manual, repetitive, error-prone tasks.

       Risk and business continuity management to evaluate potential security hazards or performance issues before changes are implemented.

       Security infrastructure optimization to provide high performance and a satisfactory user experience while containing infrastructure costs.

       Auditing and compliance management to ensure fulfillment of industry regulations and vendor best practices as well as corporate IT policies.

 

Key challenges for successful implementation of the Tufin SecureTrack in large organizations include the following:

 

 

 

We are witnessing rising demand for Tufin solutions from countries like China, India, Vietnam, Malaysia, Singapore and Philippines. We’re starting to work more closely with security focused channel partners in these areas.

 

Tufin is selling via security focused channel partners. Tufin has launched a very successful channel program, which today includes around 75 distributors and resellers. Tufin has active channel partners in Japan, Taiwan, South Korea and Australia.

 

Tufin develops security lifecycle managementsoftware for large enterprises with the majority of clients in the financial services, telecom, pharmaceutical and technology sectors. Specifically, providing network security for a large organization has become an extremely complex operation involving hundreds of infrastructural components and multiple security teams around the world. At the same time, organizations must comply with rigorous standards of transparency and accountability. Planning, implementing, enforcing and auditing organizational security policies are now business-critical.

 

Tufin is about to launch a new product in mid-September called SecureChange Workflow, a security change automation solution. SecureChange Workflow enables companies to rapidly automate security change management and risk analysis. With SecureChange Workflow, companies can proactively enforce security policies while increasing operational efficiency.  This is a complimentary product to our existing flagship product, SecureTrack, a security operations management solution that enables operations teams to increase network security and automate day-to-day tasks with powerful change tracking and risk analysis capabilities.